Concourse upgraded to v6.5.1
We have upgraded our Concourse setups to the latest version 6.5.1 (from version 6.4.0).
More …Vault upgraded to 1.5.3
We have updated our Kubernetes based Vault setups to the latest version 1.5.3.
Feature: NodeLocal DNSCache
We’re happy to announce we now support NodeLocal DNSCache on our managed clusters for those that need the performance improvements it provides. This also resolves issues around conntrack tables filling up on some cluster’s nodes.
More …Upgraded several cluster components
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. We’ve already rolled these out to all staging clusters. Production clusters will follow in the coming days.
More …Monitoring for External-DNS
We have enabled the ServiceMonitor for External-DNS and added new alerts for it. You can find these alerts here.
Disable Nginx server token
As part of our ongoing security audits we noticed Nginx ingress’s server token of our Kubernetes clusters is enabled (which is the default configuration). This leads to exposing Nginx version in the HTTP headers. We have decided to disable it as recommended, no further actions are required from your side, we went ahead and already disabled it for all of the staging clusters, and production clusters will follow by the beginning of next week.
Updates for addons
We have updated the following components on our Kubernetes clusters:
More …Concourse upgraded to v6.4.0
We have upgraded our Concourse setups to the latest version 6.4.0 (from version 6.2.0).
More …Vault upgraded to 1.5.0
We have updated our Kubernetes based Vault setups from 1.4.2 to the latest version 1.5.0.
Upgrade EKS to 1.17
With the major K8s 1.16 from last month just behind us, we now have updated our EKS control planes and nodes to the latest supported version: 1.17. This brings EKS on K8s v1.17.6.
Support Loki log-based alerting and metrics in Grafana
It’s now possible to use Loki log metrics in standard Grafana panels (i.e. gauges, simple graphs, bar graphs, etc.). Additionally, you can also create alerts based on those graphs, with the built-in alerting system in Grafana.
More …Updated docker images
We have updated the docker images that we internally use. We have made the following changes:
More …Updated Teleport to version 4.2.10
We’ve updated all Teleport clusters and nodes to version 4.2.10. This update mainly contains bug fixes and performance improvements.
More …Upgraded all ECS clusters
We’ve rolled out all our ECS worker nodes with updated OS and ECS agent. These updates mainly contained bug fixes, security patches and performance improvements.
More …Updates for authorization addons
We have updated our monitoring plugins on our Kubernetes clusters.
More …Update of ingress-nginx
We have updated the ingress-nginx component to 0.33.0 and its chart to the latest version (2.6.0)
More …Migrating from kube2iam to IAM roles for Service Accounts (IRSA)
Since the beginnning when we started rolling out our K8s-based reference solution towards customers, we’ve been handling application access to AWS resources via kube2iam.
More …Update of Velero
We have updated the Velero cluster components to 1.4.0. Velero is responsible for taking cluster backups.
Upgraded monitoring plugins
We have updated our monitoring plugins on our Kubernetes clusters.
More …Vault upgraded to 1.4.2
We have updated our Kubernetes based Vault setups from 1.3.2 to the latest version 1.4.2.
More …